期刊文献+

一种基于区块链的DNSSEC公钥验证机制 被引量:1

A Blockchain-based DNSSEC Public Key Verification Scheme
下载PDF
导出
摘要 针对中心化域名安全扩展(Domain name system security extensions,DNSSEC)架构所导致的信任链复杂性和单边控制模式,提出了一种去中心化的DNSSEC公钥验证机制.该机制结合区块链结构、密码学累加器和共识算法设计,创新性地实现使用区块链技术的密钥绑定、轮转和验证操作,无需中心化权威节点即可使用可信公钥验证域名记录.进一步分析和实验表明,所提出的机制在保证密钥管理安全性的同时,提高了密钥验证的效率. To solve the problem of the complexity of chain-of-trust and the unilateral governance caused by the centralized domain name system security extensions(DNSSEC)architecture,a decentralized DNSSEC public key verification mechanism is proposed.By introducing blockchain structure design,cryptographic accumulator,and consensus algorithm,the proposed mechanism gives radical new key binding,rotation,and verification operations leveraging blockchain technologies enables the use of trustful public key verification without any centralized authorities.Further analysis and experiments show that the proposed mechanism consistently perform the order of magnitude better key verification performance,as well as achieve a good trade-off between key management complexity and security.
作者 陈闻宇 李晓东 杨学 徐彦之 CHEN Wen-Yu;LI Xiao-Dong;YANG Xue;XU Yan-Zhi(Institute of Computing Technology,Chinese Academy of Sciences,Beijing 100190;University of Chinese Academy of Sciences,Beijing 100049;China Internet Network Information Center,Beijing 100190;Guangdong-Hong Kong-Macao Greater Bay Area(GBA)Research Innovation Institute for Nanotechnology,Guangzhou 510770)
出处 《自动化学报》 EI CAS CSCD 北大核心 2023年第4期731-743,共13页 Acta Automatica Sinica
基金 国家重点研发计划专项基金(2019YFB1804500)资助。
关键词 域名安全扩展 公钥基础设施 区块链 密码学累加器 Domain name system security extensions(DNSSEC) public key infrastructure(PKI) blockchain cryptographic accumulator
  • 相关文献

参考文献3

二级参考文献15

共引文献454

同被引文献7

引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部